On Mon, 2002-04-15 at 22:32, Not Zed wrote: > On Mon, 2002-04-15 at 18:11, Russell Steinthal wrote: > > Fellow hackers:
[snip] > > I don't know who the appropriate maintainer is for this section of code, > > so I decided to send it here. If the appropriate person wants to reveal > > himself, I'm happy to take suggested changes, instructions on whether to > > commit, where to send this, etc... > > evolution-patches I suppose. Its usually useful to create a bug to > track it and attach it there too. > > I can't really comment on the calendar interaction code, but the rest of > it looks a little questionable on several fronts. Thanks for the comments... > For example, if the string contains 2 %d's, the second will access a > dereferenced alarm, or if it contains none, then the alarm is leaked (if > i understand the alarm_get/free semantics which appear in other parts of > that file). Once you start getting user-supplied strings, you have to > assume the data wont be correct. Yup, that's a bug. I think it should be sufficient to move the cal_component_alarm_free (alarm) out of the switch and put it at the end along with the g_strfreev (which executes exactly once per function invocation). > Using the g_strsplit and g_strjoin stuff is pretty messy - its much > simpler and more robust to just use a g_string with g_string_append_c > etc, and iterate through the source string char by char. It'll probably > reduce your code by 10% and save executing >50% of what it does now, and > be more readable. What would have been much simpler and cleaner would have been if I could have found a glib-like substitution function already written. :) I tried doing a straight character by character iteration, but needed to constantly grow the string, which looked to be even more sketchy. I suppose g_string avoids that problem... > Finally, none of the arguments are escaped when put into the command > line, which might introduce potential problems - but that sort of > depends on how the string is specified & used, etc. True, although since the arguments are already user-specified, there's no real added security risk. I suppose Evolution could quote the arguments as they are substituted, which would avoid the need to do -s "%s" for a multi-word value, but beyond that, I think we'll (I'll) need to trust the user. Thanks again for the comments--- I'll probably start a rewrite from scratch using g_string, quoting, etc., and generalize it for e-util/ in light of bug #23329 (asking for similar functionality for the mailer). The substitution code can be abstracted out, and the mailer/calendar can just fill the substitution mapping with their own values. -Russell > > > -Russell > > > > Index: calendar/ChangeLog > > =================================================================== > > RCS file: /cvs/gnome/evolution/calendar/ChangeLog,v > > retrieving revision 1.1356 > > diff -u -r1.1356 ChangeLog > > --- calendar/ChangeLog 10 Apr 2002 22:00:45 -0000 1.1356 > > +++ calendar/ChangeLog 15 Apr 2002 08:27:34 -0000 > > @@ -1,3 +1,10 @@ > > +2002-04-15 Russell Steinthal <[EMAIL PROTECTED]> > > + > > + * gui/alarm-notify/alarm-queue.c (alarm_replace_strings): New > > + function to support interpolation of summary, description, > > + appointment start times into arguments for procedure alarms. > > + Currently called only from procedure_notification () > > + > > 2002-04-10 Dan Winship <[EMAIL PROTECTED]> > > > > * gui/gnome-cal.c (gnome_calendar_open): Fix this: Rodrigo's patch > > Index: calendar/gui/alarm-notify/alarm-queue.c > > =================================================================== > > RCS file: /cvs/gnome/evolution/calendar/gui/alarm-notify/alarm-queue.c,v > > retrieving revision 1.21 > > diff -u -r1.21 alarm-queue.c > > --- calendar/gui/alarm-notify/alarm-queue.c 14 Jan 2002 01:07:09 -0000 1.21 > > +++ calendar/gui/alarm-notify/alarm-queue.c 15 Apr 2002 08:27:44 -0000 > > @@ -110,7 +110,7 @@ > > static void audio_notification (time_t trigger, CompQueuedAlarms *cqa, gpointer >alarm_id); > > static void mail_notification (time_t trigger, CompQueuedAlarms *cqa, gpointer >alarm_id); > > static void procedure_notification (time_t trigger, CompQueuedAlarms *cqa, >gpointer alarm_id); > > - > > +static gchar* alarm_replace_strings (gchar *str, time_t trigger, CompQueuedAlarms >*cqa, gpointer alarm_id); > > > > > > /* Alarm queue engine */ > > @@ -793,6 +793,7 @@ > > icalattach *attach; > > const char *url; > > char *cmd; > > + char *subst_cmd; > > int result; > > > > comp = cqa->alarms->comp; > > @@ -825,12 +826,16 @@ > > cmd = (char *) url; > > > > result = 0; > > + > > + subst_cmd = alarm_replace_strings (cmd, trigger, cqa, alarm_id); > > if (procedure_notification_dialog (cmd, url)) > > - result = gnome_execute_shell (NULL, cmd); > > + result = gnome_execute_shell (NULL, subst_cmd); > > > > if (cmd != (char *) url) > > g_free (cmd); > > > > + g_free (subst_cmd); > > + > > icalattach_unref (attach); > > > > /* Fall back to display notification if we got an error */ > > @@ -1028,4 +1033,77 @@ > > g_free (ca); > > > > g_hash_table_remove (client_alarms_hash, client); > > +} > > + > > +static gchar* > > +alarm_replace_strings (gchar *str, time_t trigger, CompQueuedAlarms *cqa, >gpointer alarm_id) > > +{ > > + CalComponent *comp; > > + CalComponentAlarm *alarm; > > + CalComponentText text; > > + QueuedAlarm *qa; > > + > > + gchar **src_tokens, **dest_tokens; > > + gchar **src, **dest, *ret; > > + int num_tokens; > > + > > + /* Find the alarm structures */ > > + comp = cqa->alarms->comp; > > + qa = lookup_queued_alarm (cqa, alarm_id); > > + g_assert (qa != NULL); > > + alarm = cal_component_get_alarm (comp, qa->instance->auid); > > + g_assert (alarm != NULL); > > + > > + src_tokens = g_strsplit (str, "%", 0); > > + src = src_tokens; > > + num_tokens = 0; > > + while (*(src++)) { > > + num_tokens++; > > + } > > + > > + dest_tokens = g_new0 (gchar*, num_tokens * 2); > > + > > + /* The first token can't contain a replacement character */ > > + src = src_tokens; > > + dest = dest_tokens; > > + *(dest++) = g_strdup (*(src++)); > > + > > + while (*src) { > > + switch (**src) { > > + case 's': > > + cal_component_get_summary (comp, &text); > > + *(dest++) = g_strdup (text.value ? text.value : _("No >description available")); > > + *(dest++) = g_strdup (*src+1); > > + break; > > + case 'd': > > + cal_component_alarm_get_description (alarm, &text); > > + cal_component_alarm_free (alarm); > > + *(dest++) = g_strdup (text.value ? text.value : _("No >description available")); > > + *(dest++) = g_strdup (*src+1); > > + break; > > + case 't': > > + *(dest++) = g_strdup_printf ("%ld", >qa->instance->occur_start); /* FIXME */ > > + *(dest++) = g_strdup (*src+1); > > + break; > > + case 'T': > > + *(dest++) = g_strdup ((gchar*) ctime >(&qa->instance->occur_start)); /* FIXME */ > > + *(dest++) = g_strdup (*src+1); > > + break; > > + case '\0': > > + *(dest++) = g_strdup ("%"); > > + if (*(src+1) && **(src+1) == '\0') > > + src++; > > + break; > > + default: > > + *(dest++) = g_strdup (*src+1); > > + break; > > + } > > + src++; > > + } > > + > > + dest = NULL; > > + ret = g_strjoinv ("", dest_tokens); > > + g_strfreev (dest_tokens); > > + g_strfreev (src_tokens); > > + return ret; > > } > > > > -- > > Russell Steinthal Columbia Law School, Class of 2002 > > <[EMAIL PROTECTED]> Columbia College, Class of 1999 > > <[EMAIL PROTECTED]> UNIX System Administrator, nj.org > > > > _______________________________________________ > > evolution-hackers maillist - [EMAIL PROTECTED] > > http://lists.ximian.com/mailman/listinfo/evolution-hackers > > > _______________________________________________ > evolution-hackers maillist - [EMAIL PROTECTED] > http://lists.ximian.com/mailman/listinfo/evolution-hackers -- Russell Steinthal Columbia Law School, Class of 2002 <[EMAIL PROTECTED]> Columbia College, Class of 1999 <[EMAIL PROTECTED]> UNIX System Administrator, nj.org _______________________________________________ evolution-hackers maillist - [EMAIL PROTECTED] http://lists.ximian.com/mailman/listinfo/evolution-hackers